Data Protection Delegate in Valencia
Data Protection Delegate in Valencia
In this post, we will talk about the figure of the Data Protection Delegate in Valencia (hereinafter DPD) acquires a prominent importance in the Regulation (EU) 2016/679 and so it is included in the organic law 3/2018, which starts from the principle that it can have a mandatory or voluntary character, be or not integrated into the organization of the responsible or in charge and be both a natural person and a legal person.
The data controllers and processors shall communicate within ten days to the Spanish Data Protection Agency or, as the case may be, to the regional data protection authorities, the designations, appointments and dismissals of the data protection officers both in the cases in which they are obliged to designate them and in the case in which their designation is voluntary.
The Spanish Data Protection Agency and the autonomous data protection authorities shall maintain, within the scope of their respective competences, an updated list of data protection officers, which shall be accessible by electronic means.
Controllers and processors may establish the full or part-time dedication of the delegate, among other criteria, depending on the volume of processing, the special category of data processed or the risks to the rights or freedoms of data subjects.
The legal basis for this new figure is as follows:
- Articles 37 to 39 of the General Data Protection Regulation (EU) 2016/679(GDPR).
- Articles 34 to 37 of the Organic Law 3/2018 on Personal Data Protection and guarantees of digital rights(LOPD-GDD).
Obligation to designate a Data Protection Officer
Article 34 of the LOPD-GDD establishes that it will be mandatory to appoint a Data Protection Officer when the Controller has as its activity any of the following:
- Professional associations and their general councils.
- Educational centers offering education at any of the levels established in the legislation regulating the right to education, as well as public and private universities.
- Entities operating electronic communications networks and providing electronic communications services in accordance with the provisions of their specific legislation, when they routinely and systematically process personal data on a large scale.
- Providers of information society services when they elaborate large-scale profiles of service users.
- The entities included in Article 1 of Law 10/2014, of June 26, on the regulation, supervision and solvency of credit institutions.
- Financial credit institutions.
- Insurance and reinsurance companies.
- Investment services companies, regulated by the Securities Market legislation.
- Electric power distributors and marketers and natural gas distributors and marketers.
- The entities responsible for common files for the evaluation of solvency and creditworthiness or common files for the management and prevention of fraud, including those responsible for the files regulated by the legislation for the prevention of money laundering and the financing of terrorism.
- Entities that carry out advertising and commercial prospecting activities, including commercial and market research, when they carry out processing based on the preferences of the data subjects or carry out activities that involve profiling them.
- Health centers legally obliged to keep patients’ medical records. Exceptions are health professionals who, although legally obliged to keep patients’ medical records, carry out their activity on an individual basis.
- The entities that have as one of their objects the issuance of commercial reports that may refer to natural persons.
- Operators that develop the gaming activity through electronic, computerized, telematic and interactive channels, in accordance with the gaming regulation regulations.
- Private security companies.
- Sports federations when processing data of minors.
Request a quote for your Data Protection Officer
[su_button url=https://businessadapter.es/contacto target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Quote[/su_button]
We will send you a no-obligation presentation on how Business Adapter will develop the functions of data protection officer in Valencia.